Unless otherwise indicated herein, the materials described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Timing attacks are a form of side channel attack in which an attacker attempts to compromise a target by analyzing the time used to carry out target operations. Every logical operation in a computer takes time to execute, and the execution time for target operations can differ based on the input to those operations. With precise measurements of the time taken by target operations, the attacker can work backwards to ascertain target inputs.
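The input-dependent execution time described above can be seen in a byte comparison that stops at the first mismatch, shown here beside a constant-time form. This is an added example, not part of the original text; the function names, the sample values, and the use of a comparison count as a deterministic stand-in for measured time are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Early-exit comparison: returns at the first mismatching byte, so the
 * amount of work depends on how much of the guess matches the secret.
 * *steps receives the number of byte comparisons performed (an assumed
 * proxy for execution time, so the result is reproducible). */
int leaky_equal(const unsigned char *secret, const unsigned char *guess,
                size_t len, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < len; i++) {
        (*steps)++;
        if (secret[i] != guess[i])
            return 0;
    }
    return 1;
}

/* Constant-time comparison: always visits every byte and accumulates the
 * differences, so the work done does not depend on the inputs' contents. */
int ct_equal(const unsigned char *secret, const unsigned char *guess,
             size_t len, size_t *steps)
{
    unsigned char diff = 0;
    *steps = 0;
    for (size_t i = 0; i < len; i++) {
        (*steps)++;
        diff |= (unsigned char)(secret[i] ^ guess[i]);
    }
    return diff == 0;
}

int main(void)
{
    /* Constructed sample values. */
    const unsigned char secret[] = "K3y!9xQz";
    const char *guesses[] = { "AAAAAAAA", "K3y!AAAA", "K3y!9xQz" };
    for (size_t g = 0; g < 3; g++) {
        size_t leaky, ct;
        const unsigned char *p = (const unsigned char *)guesses[g];
        leaky_equal(secret, p, 8, &leaky);
        ct_equal(secret, p, 8, &ct);
        printf("%s  early-exit=%zu  constant-time=%zu\n",
               guesses[g], leaky, ct);
    }
    return 0;
}
```

The early-exit count grows with the length of the matching prefix, while the constant-time count is the same for every guess, which is the property a defender checks for when reviewing code that handles secrets.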
Timing attacks may occur in a wide variety of settings. In general, settings involving multiple processes that share computing hardware are particularly vulnerable to timing attacks. For example, a computer may execute several processes, one of which may launch timing attacks on the others. In another example, a computer may be equipped with a Virtual Machine Manager (VMM), also referred to herein as a “hypervisor”, which is configured to host several Virtual Machines (VMs), also referred to herein as “guest operating systems (OSs)”. One of the guest OSs may launch timing attacks on the others.
Timing attacks are particularly relevant in today's cloud computing and data center environments. Mainstream computer use is evolving from individually managed, stand-alone computing devices to connected devices that access software and/or data via a network connection. “Cloud computing” refers to a computing model in which computing resources may be accessed via a network connection. Resources available from the network may be referred to as “in the cloud”.
Behind a network connection, a “cloud” may comprise professionally managed hardware and software. Data center/infrastructure providers may supply hardware infrastructure itself, e.g., racks and rows of servers comprising processors, memory, cabling, cooling systems, raw storage, firewalls, and load balancers. In some instances infrastructure itself may be provided as a service, such as the “Elastic Compute Cloud” (EC2) provided by AMAZON®, and MICROSOFT WINDOWS AZURE®. Furthermore, “Platform as a Service” (PaaS) providers may supply platform layers that use infrastructure provider hardware. Platform layers may include, for example, computing platforms such as OSs, programming language execution environments, databases, and web servers. “Software as a Service” (SaaS) providers may supply software layers that use platform providers' platforms. SaaS software layers may include, for example, application software implementing network services that can be made available in a cloud to client applications operated by end users and/or other network services.
To make better use of resources, cloud computing providers may multiplex several VMs from different customers on a single physical machine. This practice creates the danger of side channel attacks, such as timing attacks, from malicious customers. Security is an important concern of customers considering deployment to the cloud.